With all the attention paid to the best-known open source products like Linux, JBoss and MySQL, it's easy to overlook the fact that there are well over 90,000 open source projects available on SourceForge. I'm often faced with a situation in which I meet someone who says, "We use open source." Then, she or he names a product I've never heard of. Usually, once I find out what it does, I recognize how useful it is and begin to think of how enterprises can apply it. It just seems like the creativity of the open source community never ends.

Given that, I want to discuss three products that I've gotten acquainted with over the past few months that you might not be aware of. I think you'll find them interesting, and, I hope, applicable to your environment.

Nagios: Your friendly network monitor

In enterprise environments with large numbers of machines and network resources, administrators often are run ragged fighting fires. Many times, the first a sys admin hears about a problem is when someone calls to complain about an application not being available. This is certainly not helpful in polishing IT's image and definitely an inefficient way to run a shop. The solution is network monitoring software that tracks the state of all resources in the environment, whether machines, network resources or services, such as SSH (Secure Socket Shell).

Nagios is a lightweight open source network monitor that can be used to help harried system administrators. Unlike some other products, Nagios does not require agent software to be placed on the monitored resource (thus the term light-weight). It is very straightforward to configure and offers the ability to group resources by type (so, all machines running SSH might fall into an SSH_group). Naturally, you can also configure it to raise an alert about a problem situation so that someone can know to go fix it.

How good is Nagios? One article cited on the Nagios site quoted an unnamed-by-request CIO who was replacing a commercial product costing $1.5 million per year with Nagios. He noted Nagios wouldn't do everything the commercial product would, but it could be extended by his staff and still offer significant savings. Nagios has had around 500K SourceForge downloads in its three-year life, so it is pretty well-established, if not that well-known.

One of the most attractive aspects of Nagios is the fact that so many extensions have been built for it and are also available as open source. Just as ACID makes Snort a much more useful tool, these extensions build on the base Nagios product and provide additional functionality.

Xen: When one machine isn't enough

Xen is a virtualization product, allowing one physical machine to host a number of virtual machines. It works by enabling multiple copies of an operating system to run on a single machine simultaneously. The OSes don't all have to be the same, either.

Virtualization is particularly appropriate, given the massive computing power available through high-performance, multi-CPU Intel boxes. In the past, the performance penalty exacted by virtualization overwhelmed the power of typical machines, so that there was little point in using it. Today, however, so much computing power is available in a single box that performance issues are not really relevant.

Virtualization can be used in a number of scenarios:

Virtualization can increase security through isolation of an operating environment. Security is often a consideration for certain applications, requiring a machine with no other applications or users. By using virtualization, a safe operating environment can be made available.

Virtualization can reduce costs of operations. A dedicated operating environment can be offered without the need to dedicate a piece of hardware. This is useful when low-cost operations are needed among untrusting or unacquainted users. Commercial Web hosting is an obvious application for this scenario. If I'm running a company's Web site, I don't want to have to contend with changes implemented by other organizations; on the other hand, a very low-cost solution may be necessary. Virtualization makes it possible for a Web hosting company to satisfy both needs.

Virtualization can provide development support. Every application goes through a well-established lifecycle. First comes development, then quality assurance testing, perhaps an external beta and finally operational deployment. Of course, then the cycle begins again as enhancements or patches are developed, tested, and so on. In the past, dedicated machines were required to host every different version of an application, and different groups also need their own machines to perform their work. For an active project, hardware costs could mount very quickly. Virtualization allows different groups and versions to all run on a much lower number of boxes, reducing both hardware and administration costs.

A commercial virtualization product, VMWare, has been very popular in the past; however, it is relatively expensive, making it unaffordable for many organizations. Xen will bring virtualization to a new user base. Unlike VMWare, Xen does not support hosting Windows, reducing its attractiveness somewhat. Xen may eventually support Windows as well, but even without that support, it's a very useful piece of technology. A sign of that is evinced by the recent funding of a commercial support arm for Xen, Xensource.

Asterisk: Press 1 for Your PBX

Office PBX systems have long been the province of proprietary and expensive solutions. Even though the functionality is extremely standardized -- I mean, how many ways are there to implement a phone tree? -- it has typically been delivered on a purpose-built hardware platform running proprietary software.

Today, however, there is an open source alternative for office PBXs called Asterisk. Based on a Linux hardware platform with specialized cards from Digium (not open source, it must be said), Asterisk offers all the functionality delivered by its commercial counterparts.

In terms of network topology, Asterisk offers extreme flexibility. It can connect to the outside world via analog or digital lines, and it can distribute calls internally via traditional phone cabling or over IP.

What about hardware requirements? After all, if it takes a dual processor box with huge amounts of RAM, maybe Asterisk isn't worth it. According to Jason Becker, CEO of Coalescent Systems, an Asterisk service provider, Asterisk can be run on as little as a Pentium III machine. With Digium cards running at around $400, an office can have a functional PBX for much less than $1000. If you have an unused server hanging around, the price point can be even less. Coalescent, by the way, is the originator of AMP (Asterisk Management Portal), an open source app that makes configuring and running Asterisk much easier.

Asterisk makes it possible for even a small company to offer sophisticated telephone services. Just as Nagios has spawned a number of extensions, AMP is an example of how Asterisk has been extended and improved by its user community.

Golden's Rule

None of the three products discussed above will scale to the heights their commercial counterparts can; however, each of them are very serviceable for a large percentage of real-world needs.

Too often, open source is thought of as just the LAMP (Linux, Apache, MySQL, and Perl, Python or PHP) stack. There are many, many useful open source products that are available; some integrate with LAMP, others extend it. Don't think you've exhausted open source enlightenment when you've got your current applications migrated to LAMP.

About the author: Bernard Golden is CEO of Navica Inc., a systems integrator based in San Carlos, Calif. He is the author of Succeeding with Open Source (Addison-Wesley, August 2004) and the creator of the Open Source Maturity Model (OSMM), a formalized method of locating, assessing, and implementing open source software.For more information:

0 comments

E-Mail

Username / Password

Password

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy